Chrome (stable) --safe-plugins flag

Don't do much with Chrome but what about the --safe-plugins switch - would there be any negatives adding it to the target command (/opt/google/chrome/google-chrome --safe-plugins %U) such as problems with flash etc.
Will it help sandboxing the plugins as there is no root access anyway ?

(Question posed by rank amateur)

 

In the past, sandboxing plugins would cause problems; e.g. you wouldn't be able to upload photos to Imageshack, because the Flash plugin can't touch your files. I've kept it disabled all this while, so I'm not really sure if these problems still exist.

And yes, sandboxing the plugins help. You don't need root access to trash your personal data inside your home folder.

 

Thanks Eice.

 

Run the browser as a separate user, problem solved. Without a browser exploit+privilege escalation one can't do anything to the rest of the system.
But I'm not suggesting you shouldn't use the sandboxing if available...

 

One user can,t manipulate the other user?

 

Yes, but it depends on the file permissions. Ubuntu for example is gives read only permission to other user by default, others are more strict and deny all access.

 

How to do that? Command?

Thanks

 

This tutorial gives you a basic idea, it's quite old so not everything might apply today (not tested just quickly skimmed!)
http://groups.google.nl/group/alt.os.linux.slackware/msg/ee6ddf2b4f6c1828

I rely on Apparmor instead, security is I think very similar (in terms of securing /home) but it allows me to lock down a program even more (disallow perl, python and write perm to tmp for example which are scriptkiddie's best friends) and simply a lot more flexible.

 

Thanks. I wish to try AppArmor but it,s way over my head.

 

Your sig says you use Ubuntu. It already comes with a profile for Firefox, all you have to do is to enter "sudo aa-enforce /etc/apparmor.d/usr.bin.firefox" (no quotes) into a terminal and you'll get a sound and tested, albeit a bit too permissive protection for Firefox. For other apps you could make a new thread here* or on ubuntuforums* and someone can write a profile for you, then drop the script into /etc/apparmor.d and run above command with the appropriate path.
You can also easily and more or less automatically generate your own profiles using the command "sudo aa-genprof application-name" but that requires some basic understanding of the Apparmor, see "man apparmor.d".

* see https://www.wilderssecurity.com/showthread.php?t=272658 and
http://ubuntuforums.org/showthread.php?t=1008911

 

Thanks Katio.

I will try when I have spare time. My main browser is chromium. May be they will add a profile for it when FF is going to be replaced with chromium as default.

 

BTW there was a way to know whether the plugins are sandboxed or not? Some one mentioned here.I forgot it now.

Basically a site with uploading via flash, that fails with safe plugins( sandboxed flash).

 

BTW, what is the correct way to add flags (switches) ? Everyone seems to add them to the launcher properties shortcut, but according to the PPA's ;-

 

In Windows, default is a folder, not a file.

 

In linux of course it's a file that can be edited to add switches ..

# Default settings for chromium-browser. This file is sourced by /bin/sh from
# /usr/bin/chromium-browser

# Options to pass to chromium-browser
CHROMIUM_FLAGS=""

Just wondering why everyone seems to add them to the launcher properties when doing it like that is not recommended.
(* To pass flags to Chromium, please don't tweak the launcher, but edit /etc/chromium-browser/default instead).

 

Well, there is one - just look in /etc/apparmor.d. There should be a profile called usr.bin.chromium-browser (alt least if you installed it from the ppa).

Enable it with

sudo aa-enforce /etc/apparmor.d/usr.bin.chromium-browser

 

Ocky, is it possible that updates may replace the launcher but leave the default file unaffected. So it would be in the user's interest not to change the launcher because alterations made there would be lost in the next update?

Incidentally, the Windows version has a file called preferences (in the default folder) which can be opened with a text editor but I don't know what will happen if it is fiddled with! It stores the various choices we make via the UI and information about extensions, themes and plug-ins.

 

vasa1, the updates (eg. from 6xx to 7xx) don't touch the launcher commands, so there must be some other reason.
(In Linux the user settings you referred to are stored in ~/.config/chromium in a folder called Default.)

 

http://www.chromium.org/developers/how-tos/run-chromium-with-flags

 

The issue is why people seem to prefer using the "launcher" route for switches in *nix.

The issue that switches are a temporary phenomenon and could vanish or not be supported is known.

On the other hand, when Windows users have been arguing for having an interface to set a different proxy server such as FF has instead of relying on the IE interface, the official response is a won't fix since a switch is available!

Source

********​

This site has an updated list of switches presented quite nicely:
http://peter.sh/experiments/chromium-command-line-switches/

 

Google and itt was talking about "the" launcher. But you can simple create new "shortcuts" (as they are called in Windows) or aliases, .desktop launchers, shellscripts what ever in other OSs. I don't see any problem with that. If you created them, they won't be changed by the system.
The only problem would be if they change, rename or remove some switches with an update. But I don't think that's happening very often and you'd soon realise it and can easily fix it.

 

Can any one tell me I should use

--safe-plugins %U

or

--safe-plugins

Thanks

 

OK, thanks katio.

The first one (see first post).

 

Thanks. So in linux it,s different from windows?